{"vulnerability": "cve-2024-4886", "sightings": [{"uuid": "c3c76e60-d2cc-479c-9a69-8ad9696db2f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48860", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113550186886529518", "content": "", "creation_timestamp": "2024-11-26T16:25:55.031725Z"}, {"uuid": "17a0465f-fcbd-4a03-b8b4-16660a7cef17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48861", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113550186886529518", "content": "", "creation_timestamp": "2024-11-26T16:25:55.069035Z"}, {"uuid": "c5b20b2b-bc61-4d06-950b-9431dea64dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48860", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527344540730098", "content": "", "creation_timestamp": "2024-11-22T15:36:43.627979Z"}, {"uuid": "ef1b1fc7-d7d0-4f66-9932-a84e4c6d84cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48860", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527330508498956", "content": "", "creation_timestamp": "2024-11-22T15:33:09.545321Z"}, {"uuid": "4ae103e8-3b3b-48c3-95ae-370748034a5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48861", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527330524761008", "content": "", "creation_timestamp": "2024-11-22T15:33:09.741395Z"}, {"uuid": "05a29ed9-8285-424c-9f7a-4ced0a1a1279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48862", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527330538981650", "content": "", "creation_timestamp": "2024-11-22T15:33:09.963524Z"}, {"uuid": "889c2f90-fe73-4c87-9798-c5addc5dfff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48861", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527344555907038", "content": "", "creation_timestamp": "2024-11-22T15:36:43.982942Z"}, {"uuid": "9a464bdb-9120-4fdb-8e28-861b1ff36283", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48862", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113527344569799324", "content": "", "creation_timestamp": "2024-11-22T15:36:44.056866Z"}, {"uuid": "419abd30-87a3-4287-8507-7e59b3e502be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48864", "type": "seen", "source": "https://t.me/cvedetector/19857", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48864 - QNAP File Station Remote File Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48864 \nPublished : March 7, 2025, 5:15 p.m. | 1\u00a0hour, 59\u00a0minutes ago \nDescription : A files or directories accessible to external parties vulnerability has been reported to affect File Station 5. If exploited, the vulnerability could allow remote attackers to read/write files or directories.  \n  \nWe have already fixed the vulnerability in the following versions:  \nFile Station 5 5.5.6.4741 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-07T20:48:14.000000Z"}, {"uuid": "ec90107b-1c17-49e5-96b1-c33b605cae64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48869", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3hodgq3xq2", "content": "", "creation_timestamp": "2025-05-13T22:08:55.304720Z"}, {"uuid": "75116455-d3a8-4d16-b2ad-c2bed5b3c040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48860", "type": "seen", "source": "https://t.me/itsec_news/4826", "content": "\u200b\u26a1\ufe0f9.5 \u0431\u0430\u043b\u043b\u043e\u0432 \u0443\u0433\u0440\u043e\u0437\u044b: \u0447\u0435\u043c \u0440\u0438\u0441\u043a\u0443\u044e\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 QNAP\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f QNAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0440\u044f\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 Notes Station 3, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 NAS. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38643 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.3 \u043f\u043e CVSS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, CVE-2024-38645 (CVSS: 9.4) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (SSRF), \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.9.7.\n\n\u0412 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 QuRouter \u0432\u0435\u0440\u0441\u0438\u0438 2.4.x \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-48860 (CVSS 9.5), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.4.3.106, \u0433\u0434\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 CVE-2024-48861 (CVSS: 7.3).\n\n\u0422\u0430\u043a\u0436\u0435 \u0432 Notes Station 3 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38644 (CVSS: 8.7) \u0438 CVE-2024-38646 (CVSS: 8.4) \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0434\u0430\u043d\u043d\u044b\u043c. \u0418\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u0433\u0440\u043e\u0437 \u043f\u043e CVSS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8.7 \u0438 8.4.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b QNAP AI Core, QuLog Center, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS \u0438 QuTS Hero. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f:\n\nCVE-2024-38647 (CVSS: 7.9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 QNAP AI Core, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.4.1.\nCVE-2024-48862 (CVSS: 8.7) \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 QuLog Center \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 1.7.0.831 \u0438 1.8.0.888.\nCVE-2024-50396 (CVSS: 7.7) \u0438 CVE-2024-50397 (CVSS: 7.7) \u043e\u0448\u0438\u0431\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0444\u043e\u0440\u043c\u0430\u0442\u0430\u043c\u0438 \u0441\u0442\u0440\u043e\u043a \u0432 QTS \u0438 QuTS Hero, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.2.1.2930 \u0438 h5.2.1.2929.\n\nQNAP \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c VPN \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-26T17:52:20.000000Z"}, {"uuid": "e34a4f8b-b84f-4a13-b64b-d8ea692e83ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48861", "type": "seen", "source": "https://t.me/itsec_news/4826", "content": "\u200b\u26a1\ufe0f9.5 \u0431\u0430\u043b\u043b\u043e\u0432 \u0443\u0433\u0440\u043e\u0437\u044b: \u0447\u0435\u043c \u0440\u0438\u0441\u043a\u0443\u044e\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 QNAP\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f QNAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0440\u044f\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 Notes Station 3, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 NAS. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38643 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.3 \u043f\u043e CVSS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, CVE-2024-38645 (CVSS: 9.4) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (SSRF), \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.9.7.\n\n\u0412 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 QuRouter \u0432\u0435\u0440\u0441\u0438\u0438 2.4.x \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-48860 (CVSS 9.5), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.4.3.106, \u0433\u0434\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 CVE-2024-48861 (CVSS: 7.3).\n\n\u0422\u0430\u043a\u0436\u0435 \u0432 Notes Station 3 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38644 (CVSS: 8.7) \u0438 CVE-2024-38646 (CVSS: 8.4) \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0434\u0430\u043d\u043d\u044b\u043c. \u0418\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u0433\u0440\u043e\u0437 \u043f\u043e CVSS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8.7 \u0438 8.4.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b QNAP AI Core, QuLog Center, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS \u0438 QuTS Hero. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f:\n\nCVE-2024-38647 (CVSS: 7.9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 QNAP AI Core, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.4.1.\nCVE-2024-48862 (CVSS: 8.7) \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 QuLog Center \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 1.7.0.831 \u0438 1.8.0.888.\nCVE-2024-50396 (CVSS: 7.7) \u0438 CVE-2024-50397 (CVSS: 7.7) \u043e\u0448\u0438\u0431\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0444\u043e\u0440\u043c\u0430\u0442\u0430\u043c\u0438 \u0441\u0442\u0440\u043e\u043a \u0432 QTS \u0438 QuTS Hero, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.2.1.2930 \u0438 h5.2.1.2929.\n\nQNAP \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c VPN \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-26T17:52:20.000000Z"}, {"uuid": "fbbf79bc-0665-4d44-8ea6-7444ab40acfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48862", "type": "seen", "source": "https://t.me/itsec_news/4826", "content": "\u200b\u26a1\ufe0f9.5 \u0431\u0430\u043b\u043b\u043e\u0432 \u0443\u0433\u0440\u043e\u0437\u044b: \u0447\u0435\u043c \u0440\u0438\u0441\u043a\u0443\u044e\u0442 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u044b \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 QNAP\n\n\ud83d\udcac \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f QNAP \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0440\u044f\u0434 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0440\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435. \u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0447\u0442\u043e\u0431\u044b \u0438\u0437\u0431\u0435\u0436\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 Notes Station 3, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 NAS. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-38643 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9.3 \u043f\u043e CVSS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0435\u0437 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438. \u0414\u0440\u0443\u0433\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430, CVE-2024-38645 (CVSS: 9.4) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u0439 \u043f\u043e\u0434\u0434\u0435\u043b\u043a\u043e\u0439 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (SSRF), \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u0442\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.9.7.\n\n\u0412 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u0445 QuRouter \u0432\u0435\u0440\u0441\u0438\u0438 2.4.x \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-48860 (CVSS 9.5), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 2.4.3.106, \u0433\u0434\u0435 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043c\u0435\u043d\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u043e\u0448\u0438\u0431\u043a\u0430 CVE-2024-48861 (CVSS: 7.3).\n\n\u0422\u0430\u043a\u0436\u0435 \u0432 Notes Station 3 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-38644 (CVSS: 8.7) \u0438 CVE-2024-38646 (CVSS: 8.4) \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0434\u0430\u043d\u043d\u044b\u043c. \u0418\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u0433\u0440\u043e\u0437 \u043f\u043e CVSS \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 8.7 \u0438 8.4.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b QNAP AI Core, QuLog Center, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b QTS \u0438 QuTS Hero. \u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445 \u0432\u044b\u0434\u0435\u043b\u044f\u044e\u0442\u0441\u044f:\n\nCVE-2024-38647 (CVSS: 7.9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 QNAP AI Core, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 3.4.1.\nCVE-2024-48862 (CVSS: 8.7) \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441 \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0444\u0430\u0439\u043b\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 QuLog Center \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 1.7.0.831 \u0438 1.8.0.888.\nCVE-2024-50396 (CVSS: 7.7) \u0438 CVE-2024-50397 (CVSS: 7.7) \u043e\u0448\u0438\u0431\u043a\u0438 \u0440\u0430\u0431\u043e\u0442\u044b \u0441 \u0444\u043e\u0440\u043c\u0430\u0442\u0430\u043c\u0438 \u0441\u0442\u0440\u043e\u043a \u0432 QTS \u0438 QuTS Hero, \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 5.2.1.2930 \u0438 h5.2.1.2929.\n\nQNAP \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c \u0447\u0443\u0432\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043a \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c VPN \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-11-26T17:52:20.000000Z"}, {"uuid": "367693e0-b212-4a24-9684-44a37679683b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48869", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16238", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48869\n\ud83d\udd25 CVSS Score: 5.6 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:03:22.922Z\n\ud83d\udccf Modified: 2025-05-13T21:03:22.922Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01268.html", "creation_timestamp": "2025-05-13T21:30:56.000000Z"}, {"uuid": "5eee025a-4647-4aac-8432-440bc03460db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48867", "type": "seen", "source": "https://t.me/cvedetector/12260", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48867 - An improper neutralization of CRLF sequences ('CRL\", \n  \"Content\": \"CVE ID : CVE-2024-48867 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data.  \n  \nWe have already fixed the vulnerability in the following versions:  \nQTS 5.1.9.2954 build 20241120 and later  \nQTS 5.2.2.2950 build 20241114 and later  \nQuTS hero h5.1.9.2954 build 20241120 and later  \nQuTS hero h5.2.2.2952 build 20241116 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:33.000000Z"}, {"uuid": "6934b36f-0b68-4cc7-a4ad-fddddab200e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48866", "type": "seen", "source": "https://t.me/cvedetector/12258", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48866 - An improper handling of URL encoding (Hex Encoding\", \n  \"Content\": \"CVE ID : CVE-2024-48866 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An improper handling of URL encoding (Hex Encoding) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to run the system into unexpected state.  \n  \nWe have already fixed the vulnerability in the following versions:  \nQTS 5.1.9.2954 build 20241120 and later  \nQTS 5.2.2.2950 build 20241114 and later  \nQuTS hero h5.1.9.2954 build 20241120 and later  \nQuTS hero h5.2.2.2952 build 20241116 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:28.000000Z"}, {"uuid": "ae9cb7da-223f-4788-9f33-4f5c5a0ab9d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48863", "type": "seen", "source": "https://t.me/cvedetector/12256", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48863 - A command injection vulnerability has been reporte\", \n  \"Content\": \"CVE ID : CVE-2024-48863 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A command injection vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers to execute arbitrary commands.  \n  \nWe have already fixed the vulnerability in the following version:  \nLicense Center 1.9.43 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:26.000000Z"}, {"uuid": "92ce338b-dd4a-4b24-8619-2eee573daf6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48865", "type": "seen", "source": "https://t.me/cvedetector/12257", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48865 - An improper certificate validation vulnerability h\", \n  \"Content\": \"CVE ID : CVE-2024-48865 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An improper certificate validation vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow attackers with local network access to compromise the security of the system.  \n  \nWe have already fixed the vulnerability in the following versions:  \nQTS 5.1.9.2954 build 20241120 and later  \nQTS 5.2.2.2950 build 20241114 and later  \nQuTS hero h5.1.9.2954 build 20241120 and later  \nQuTS hero h5.2.2.2952 build 20241116 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:27.000000Z"}, {"uuid": "5b4aeddb-e7a5-4377-850b-964d5acf205f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48868", "type": "seen", "source": "https://t.me/cvedetector/12249", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48868 - An improper neutralization of CRLF sequences ('CRL\", \n  \"Content\": \"CVE ID : CVE-2024-48868 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An improper neutralization of CRLF sequences ('CRLF Injection') vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to modify application data.  \n  \nWe have already fixed the vulnerability in the following versions:  \nQTS 5.1.9.2954 build 20241120 and later  \nQTS 5.2.2.2950 build 20241114 and later  \nQuTS hero h5.1.9.2954 build 20241120 and later  \nQuTS hero h5.2.2.2952 build 20241116 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:18.000000Z"}]}